WannaCry is a ransomware program that targets Microsoft Windows by encrypting victims’ files and making them inaccessible, and then requiring a ransom payment to decrypt them. It is also called Wanna Decryptor 2.0, WCry 2, WannaCry 2, and Wanna Decryptor 2. Victims can only restore their systems by paying 300 dollars worth of bitcoin ransom to the attacker. This article provides some solutions to help you protect your Synology NAS against this program.

Impact on DiskStation Manager (DSM)

WannaCry only targets Microsoft Windows systems, so DSM will not be affected. However, if your Synology NAS is mounted on a Windows mapped-network drive with the write permission enabled, it might be at risk of being encrypted. For detailed information, please refer to this Security Advisory.

Prevent the data on your Synology NAS from being encrypted

Even though DSM will not be affected by WannaCry in this wave of attacks, you should still back up your Synology NAS regularly in order to protect your data from network threats, unexpected hardware failure, and natural disasters with Synology’s multi-version backup, Hyper Backup, Snapshot Replication, and other backup methods. For detailed information on how to protect yourself against encryption-based ransomware, please refer to this page.

Use Synology’s multi-version backup to restore encrypted files on Windows PC

1. Turn off the WiFi for your Windows PC or unplug your network cable.
2. Wipe out your system to make sure it is free of infection.
3. Update Windows to the latest version. Please refer to the emergency security patch update released by Microsoft for all of the unsupported versions of Windows.
4. Restore your computer using Synology's backup features.

If your Synology NAS hosts Windows virtual machines

If you host virtual machines that run Windows without installing the security update for MS17-010, these machines could be at risk. We highly recommend you to install the latest version of Windows immediately.